OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CRYPTO_RSA_PRIVATE_KEY_H_ | 5 #ifndef CRYPTO_RSA_PRIVATE_KEY_H_ |
6 #define CRYPTO_RSA_PRIVATE_KEY_H_ | 6 #define CRYPTO_RSA_PRIVATE_KEY_H_ |
7 | 7 |
8 #include "build/build_config.h" | 8 #include "build/build_config.h" |
9 | 9 |
10 #include <list> | 10 #include <list> |
11 #include <vector> | 11 #include <vector> |
12 | 12 |
13 #include "base/basictypes.h" | 13 #include "base/basictypes.h" |
14 #include "crypto/crypto_export.h" | 14 #include "crypto/crypto_export.h" |
15 | 15 |
16 #if defined(USE_NSS) | 16 #if defined(USE_NSS) |
17 #include "base/gtest_prod_util.h" | 17 #include "base/gtest_prod_util.h" |
18 #endif | 18 #endif |
19 | 19 |
20 #if !defined(USE_OPENSSL) | |
21 #include "crypto/scoped_nss_types.h" | |
22 #endif | |
23 | |
20 #if defined(USE_OPENSSL) | 24 #if defined(USE_OPENSSL) |
21 // Forward declaration for openssl/*.h | 25 // Forward declaration for openssl/*.h |
22 typedef struct evp_pkey_st EVP_PKEY; | 26 typedef struct evp_pkey_st EVP_PKEY; |
23 #elif defined(USE_NSS) || defined(OS_WIN) || defined(OS_MACOSX) | 27 #elif defined(USE_NSS) || defined(OS_WIN) || defined(OS_MACOSX) |
wtc
2013/11/11 20:56:25
Optional: This can become #else. Then you can move
mattm
2013/11/12 02:42:44
Done.
| |
24 // Forward declaration. | 28 // Forward declaration. |
25 typedef struct SECKEYPrivateKeyStr SECKEYPrivateKey; | 29 typedef struct SECKEYPrivateKeyStr SECKEYPrivateKey; |
26 typedef struct SECKEYPublicKeyStr SECKEYPublicKey; | 30 typedef struct SECKEYPublicKeyStr SECKEYPublicKey; |
27 #endif | 31 #endif |
28 | 32 |
29 | 33 |
30 namespace crypto { | 34 namespace crypto { |
31 | 35 |
32 // Used internally by RSAPrivateKey for serializing and deserializing | 36 // Used internally by RSAPrivateKey for serializing and deserializing |
33 // PKCS #8 PrivateKeyInfo and PublicKeyInfo. | 37 // PKCS #8 PrivateKeyInfo and PublicKeyInfo. |
(...skipping 140 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
174 static RSAPrivateKey* Create(uint16 num_bits); | 178 static RSAPrivateKey* Create(uint16 num_bits); |
175 | 179 |
176 // Create a new instance by importing an existing private key. The format is | 180 // Create a new instance by importing an existing private key. The format is |
177 // an ASN.1-encoded PrivateKeyInfo block from PKCS #8. This can return NULL if | 181 // an ASN.1-encoded PrivateKeyInfo block from PKCS #8. This can return NULL if |
178 // initialization fails. | 182 // initialization fails. |
179 static RSAPrivateKey* CreateFromPrivateKeyInfo( | 183 static RSAPrivateKey* CreateFromPrivateKeyInfo( |
180 const std::vector<uint8>& input); | 184 const std::vector<uint8>& input); |
181 | 185 |
182 #if defined(USE_NSS) | 186 #if defined(USE_NSS) |
183 // Create a new random instance. Can return NULL if initialization fails. | 187 // Create a new random instance. Can return NULL if initialization fails. |
184 // The created key is permanent and is not exportable in plaintext form. | 188 // The created key is permanent and is not exportable in plaintext form. |
wtc
2013/11/11 20:56:25
We should mention the new |slot| argument. I guess
mattm
2013/11/12 02:42:44
Done.
| |
185 static RSAPrivateKey* CreateSensitive(uint16 num_bits); | 189 static RSAPrivateKey* CreateSensitive(ScopedPK11Slot slot, uint16 num_bits); |
wtc
2013/11/11 20:56:25
Is it necessary to pass ScopedPK11Slot rather than
mattm
2013/11/12 02:42:44
Yeah, however it isn't really necessary for this c
| |
186 | 190 |
187 // Create a new instance by importing an existing private key. The format is | 191 // Create a new instance by importing an existing private key. The format is |
188 // an ASN.1-encoded PrivateKeyInfo block from PKCS #8. This can return NULL if | 192 // an ASN.1-encoded PrivateKeyInfo block from PKCS #8. This can return NULL if |
189 // initialization fails. | 193 // initialization fails. |
190 // The created key is permanent and is not exportable in plaintext form. | 194 // The created key is permanent and is not exportable in plaintext form. |
191 static RSAPrivateKey* CreateSensitiveFromPrivateKeyInfo( | 195 static RSAPrivateKey* CreateSensitiveFromPrivateKeyInfo( |
196 ScopedPK11Slot slot, | |
192 const std::vector<uint8>& input); | 197 const std::vector<uint8>& input); |
193 | 198 |
194 // Create a new instance by referencing an existing private key | 199 // Create a new instance by referencing an existing private key |
195 // structure. Does not import the key. | 200 // structure. Does not import the key. |
196 static RSAPrivateKey* CreateFromKey(SECKEYPrivateKey* key); | 201 static RSAPrivateKey* CreateFromKey(SECKEYPrivateKey* key); |
197 | 202 |
198 // Import an existing public key, and then search for the private | 203 // Import an existing public key, and then search for the private |
199 // half in the key database. The format of the public key blob is is | 204 // half in the key database. The format of the public key blob is is |
200 // an X509 SubjectPublicKeyInfo block. This can return NULL if | 205 // an X509 SubjectPublicKeyInfo block. This can return NULL if |
201 // initialization fails or the private key cannot be found. The | 206 // initialization fails or the private key cannot be found. The |
202 // caller takes ownership of the returned object, but nothing new is | 207 // caller takes ownership of the returned object, but nothing new is |
203 // created in the key database. | 208 // created in the key database. |
204 static RSAPrivateKey* FindFromPublicKeyInfo( | 209 static RSAPrivateKey* FindFromPublicKeyInfo( |
205 const std::vector<uint8>& input); | 210 const std::vector<uint8>& input); |
206 #endif | 211 #endif |
207 | 212 |
208 #if defined(USE_OPENSSL) | 213 #if defined(USE_OPENSSL) |
209 EVP_PKEY* key() { return key_; } | 214 EVP_PKEY* key() { return key_; } |
210 #elif defined(USE_NSS) || defined(OS_WIN) || defined(OS_MACOSX) | 215 #elif defined(USE_NSS) || defined(OS_WIN) || defined(OS_MACOSX) |
wtc
2013/11/11 20:56:25
This can become #else.
mattm
2013/11/12 02:42:44
Done.
| |
211 SECKEYPrivateKey* key() { return key_; } | 216 SECKEYPrivateKey* key() { return key_; } |
212 SECKEYPublicKey* public_key() { return public_key_; } | 217 SECKEYPublicKey* public_key() { return public_key_; } |
213 #endif | 218 #endif |
214 | 219 |
215 // Creates a copy of the object. | 220 // Creates a copy of the object. |
216 RSAPrivateKey* Copy() const; | 221 RSAPrivateKey* Copy() const; |
217 | 222 |
218 // Exports the private key to a PKCS #1 PrivateKey block. | 223 // Exports the private key to a PKCS #1 PrivateKey block. |
219 bool ExportPrivateKey(std::vector<uint8>* output) const; | 224 bool ExportPrivateKey(std::vector<uint8>* output) const; |
220 | 225 |
221 // Exports the public key to an X509 SubjectPublicKeyInfo block. | 226 // Exports the public key to an X509 SubjectPublicKeyInfo block. |
222 bool ExportPublicKey(std::vector<uint8>* output) const; | 227 bool ExportPublicKey(std::vector<uint8>* output) const; |
223 | 228 |
224 private: | 229 private: |
225 #if defined(USE_NSS) | 230 #if defined(USE_NSS) |
226 FRIEND_TEST_ALL_PREFIXES(RSAPrivateKeyNSSTest, FindFromPublicKey); | 231 FRIEND_TEST_ALL_PREFIXES(RSAPrivateKeyNSSTest, FindFromPublicKey); |
227 FRIEND_TEST_ALL_PREFIXES(RSAPrivateKeyNSSTest, FailedFindFromPublicKey); | 232 FRIEND_TEST_ALL_PREFIXES(RSAPrivateKeyNSSTest, FailedFindFromPublicKey); |
228 #endif | 233 #endif |
229 | 234 |
230 // Constructor is private. Use one of the Create*() or Find*() | 235 // Constructor is private. Use one of the Create*() or Find*() |
231 // methods above instead. | 236 // methods above instead. |
232 RSAPrivateKey(); | 237 RSAPrivateKey(); |
233 | 238 |
239 #if !defined(USE_OPENSSL) | |
234 // Shared helper for Create() and CreateSensitive(). | 240 // Shared helper for Create() and CreateSensitive(). |
235 // TODO(cmasone): consider replacing |permanent| and |sensitive| with a | 241 // TODO(cmasone): consider replacing |permanent| and |sensitive| with a |
236 // flags arg created by ORing together some enumerated values. | 242 // flags arg created by ORing together some enumerated values. |
237 // Note: |permanent| is only supported when USE_NSS is defined. | 243 // Note: |permanent| is only supported when USE_NSS is defined. |
238 static RSAPrivateKey* CreateWithParams(uint16 num_bits, | 244 static RSAPrivateKey* CreateWithParams(ScopedPK11Slot slot, |
245 uint16 num_bits, | |
239 bool permanent, | 246 bool permanent, |
240 bool sensitive); | 247 bool sensitive); |
241 | 248 |
242 // Shared helper for CreateFromPrivateKeyInfo() and | 249 // Shared helper for CreateFromPrivateKeyInfo() and |
243 // CreateSensitiveFromPrivateKeyInfo(). | 250 // CreateSensitiveFromPrivateKeyInfo(). |
244 // Note: |permanent| is only supported when USE_NSS is defined. | 251 // Note: |permanent| is only supported when USE_NSS is defined. |
245 static RSAPrivateKey* CreateFromPrivateKeyInfoWithParams( | 252 static RSAPrivateKey* CreateFromPrivateKeyInfoWithParams( |
253 ScopedPK11Slot slot, | |
246 const std::vector<uint8>& input, | 254 const std::vector<uint8>& input, |
247 bool permanent, | 255 bool permanent, |
248 bool sensitive); | 256 bool sensitive); |
257 #endif | |
249 | 258 |
250 #if defined(USE_OPENSSL) | 259 #if defined(USE_OPENSSL) |
251 EVP_PKEY* key_; | 260 EVP_PKEY* key_; |
252 #elif defined(USE_NSS) || defined(OS_WIN) || defined(OS_MACOSX) | 261 #elif defined(USE_NSS) || defined(OS_WIN) || defined(OS_MACOSX) |
wtc
2013/11/11 20:56:25
This can become #else.
mattm
2013/11/12 02:42:44
Done.
| |
253 SECKEYPrivateKey* key_; | 262 SECKEYPrivateKey* key_; |
254 SECKEYPublicKey* public_key_; | 263 SECKEYPublicKey* public_key_; |
255 #endif | 264 #endif |
256 | 265 |
257 DISALLOW_COPY_AND_ASSIGN(RSAPrivateKey); | 266 DISALLOW_COPY_AND_ASSIGN(RSAPrivateKey); |
258 }; | 267 }; |
259 | 268 |
260 } // namespace crypto | 269 } // namespace crypto |
261 | 270 |
262 #endif // CRYPTO_RSA_PRIVATE_KEY_H_ | 271 #endif // CRYPTO_RSA_PRIVATE_KEY_H_ |
OLD | NEW |